@yangchoo
Contributor

@yangchoo yangchoo commented Dec 9, 2022

Summary

In the case where redirects are hit, we are currently following the default requests session rebuild_auth behavior, which does not re-call any of our internal auth handlers.

This results in a case where a redirected request has a stale signature resulting in an auth error.

@yangchoo yangchoo force-pushed the STDV-1999_fix-redirect-auth branch 2 times, most recently from 3e3f8e6 to 0661e8e Compare December 9, 2022 10:46
@yangchoo
Contributor Author

yangchoo commented Dec 9, 2022

To land after #230

@EribertoLopez
Contributor

@yangchoo Just so I'm on the same page. We were always requesting using http and being redirected, then rebuilding the request without the required headers. Or was it using the same headers and reusing the signature initially generated?

EribertoLopez
EribertoLopez previously approved these changes Dec 9, 2022
@yangchoo
Contributor Author

@EribertoLopez

> Or was it using the same headers and reusing the signature initially generated?

It's more of this case. In the case of redirects, we were still using the initial authz header, which is no longer valid for the updated address.

Note that we have also written custom logic for resolving whether it is an internal_request. This was bypassed in the case of the original rebuild_auth function. That had its own logic for stripping auth headers and handling a similar situation.

We are basically taking full responsibility over the auth header building process.

@yangchoo yangchoo merged commit bb59c71 into master Dec 13, 2022
@yangchoo yangchoo deleted the STDV-1999_fix-redirect-auth branch December 13, 2022 00:25
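
Added example, not code from this pull request or the project: a requests session whose `rebuild_auth` override drops the header copied from the original request and re-runs the auth handler for the redirected URL, exercised without network I/O. The HMAC scheme, `INTERNAL_HOSTS`, `is_internal_request`, `UrlBoundSignature`, `ResigningSession`, `simulate_redirect` and the hostnames are assumptions made for illustration; `rebuild_auth`, `prepare_auth` and `prepare_request` are the library's own methods.

```python
import hashlib
import hmac
from urllib.parse import urlparse

import requests
from requests.auth import AuthBase

INTERNAL_HOSTS = {"api.internal.example"}  # hypothetical allowlist


def is_internal_request(url):
    """Hypothetical stand-in for the project's internal-request check."""
    parts = urlparse(url)
    return parts.scheme == "https" and parts.hostname in INTERNAL_HOSTS


class UrlBoundSignature(AuthBase):
    """Constructed scheme: HMAC-SHA256 over the method and full URL."""

    def __init__(self, key):
        self.key = key

    def sign(self, method, url):
        digest = hmac.new(self.key, f"{method} {url}".encode(), hashlib.sha256)
        return "HMAC " + digest.hexdigest()

    def __call__(self, request):
        if is_internal_request(request.url):  # never sign for other hosts
            request.headers["Authorization"] = self.sign(request.method, request.url)
        return request


class ResigningSession(requests.Session):
    def rebuild_auth(self, prepared_request, response):
        # The redirected request is a copy of the original, so its header
        # still holds the signature computed for the previous URL.
        prepared_request.headers.pop("Authorization", None)
        if self.auth is not None:
            prepared_request.prepare_auth(self.auth)  # re-run the handler


def simulate_redirect(session, first_url, redirect_url):
    """Build the follow-up request as a redirect would, with no network I/O."""
    original = session.prepare_request(requests.Request("GET", first_url))
    response = requests.Response()
    response.request = original
    follow_up = original.copy()
    follow_up.url = redirect_url
    session.rebuild_auth(follow_up, response)
    return original, follow_up
```

With a plain `requests.Session`, the same same-host redirect keeps the original `Authorization` value, which no longer matches a signature computed over the new URL.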

3 participants